Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In September 2022
CVE-2022-36853
Intent redirection in Photo Editor prior to SMR Sep-2022 Release 1 allows attacker to get sensitive information.
CVSS Score
3.3
EPSS Score
0.001
Published
2022-09-09
CVE-2022-36854
Out of bound read in libapexjni.media.samsung.so prior to SMR Sep-2022 Release 1 allows attacker access unauthorized information.
CVSS Score
4.0
EPSS Score
0.0
Published
2022-09-09
CVE-2022-36855
A use after free vulnerability in iva_ctl driver prior to SMR Sep-2022 Release 1 allows attacker to cause memory access fault.
CVSS Score
4.4
EPSS Score
0.0
Published
2022-09-09
CVE-2022-36856
Improper access control vulnerability in Telecom application prior to SMR Sep-2022 Release 1 allows attacker to start emergency calls via undefined permission.
CVSS Score
4.0
EPSS Score
0.0
Published
2022-09-09
CVE-2022-36857
Improper Authorization vulnerability in Photo Editor prior to SMR Sep-2022 Release 1 allows physical attackers to read internal application data.
CVSS Score
1.9
EPSS Score
0.0
Published
2022-09-09
CVE-2022-2526
A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io() function and dns_stream_complete() function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the DNSStream object, causing the use-after-free when the reference is still used later.
CVSS Score
9.8
EPSS Score
0.003
Published
2022-09-09
CVE-2022-2905
An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.
CVSS Score
5.5
EPSS Score
0.0
Published
2022-09-09
CVE-2022-2964
A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.
CVSS Score
7.8
EPSS Score
0.0
Published
2022-09-09
CVE-2022-35275
Authenticated (shop manager+) Reflected Cross-Site Scripting (XSS) vulnerability in AlgolPlus Advanced Order Export For WooCommerce plugin <= 3.3.1 at WordPress.
CVSS Score
4.8
EPSS Score
0.003
Published
2022-09-09
CVE-2022-35277
Cross-Site Request Forgery (CSRF) vulnerability in GetResponse plugin <= 5.5.20 at WordPress.
CVSS Score
5.4
EPSS Score
0.001
Published
2022-09-09


Products
Pricing
Contact Us

Shodan ® - All rights reserved